HAProxy vulnerabilities

2021-08-17T00:00:00

Description

## Releases * Ubuntu 21.04 * Ubuntu 20.04 LTS ## Packages * haproxy \- fast and reliable load balancing reverse proxy It was discovered that HAProxy incorrectly handled the HTTP/2 protocol. A remote attacker could possibly use this issue to bypass restrictions.

Affected Package

OS	OS Version	Package Name	Package Version
Ubuntu	21.04	haproxy	2.2.9-1ubuntu0.1
Ubuntu	20.04	haproxy	2.0.13-2ubuntu0.2
Ubuntu	20.04	haproxy-dbgsym	2.0.13-2ubuntu0.2
Ubuntu	20.04	haproxy-doc	2.0.13-2ubuntu0.2
Ubuntu	20.04	vim-haproxy	2.0.13-2ubuntu0.2

{"id": "USN-5042-1", "vendorId": null, "type": "ubuntu", "bulletinFamily": "unix", "title": "HAProxy vulnerabilities", "description": "## Releases\n\n * Ubuntu 21.04 \n * Ubuntu 20.04 LTS\n\n## Packages\n\n * haproxy \\- fast and reliable load balancing reverse proxy\n\nIt was discovered that HAProxy incorrectly handled the HTTP/2 protocol. A \nremote attacker could possibly use this issue to bypass restrictions.\n", "published": "2021-08-17T00:00:00", "modified": "2021-08-17T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/notices/USN-5042-1", "reporter": "Ubuntu", "references": ["https://launchpad.net/bugs/1940314"], "cvelist": [], "immutableFields": [], "lastseen": "2023-01-26T15:20:06", "viewCount": 82, "enchantments": {"dependencies": {"references": []}, "score": {"value": 3.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "nessus", "idList": ["UBUNTU_USN-5042-1.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-39240", "UB:CVE-2021-39241", "UB:CVE-2021-39242"]}]}, "exploitation": null, "vulnersScore": 3.4}, "_state": {"dependencies": 1674747202, "score": 1684008354, "epss": 1679109163}, "_internal": {"score_hash": "1e2c31c4fa104d584dfd0a61172c1b64"}, "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "2.2.9-1ubuntu0.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "haproxy"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "2.0.13-2ubuntu0.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "haproxy"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "2.0.13-2ubuntu0.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "haproxy-dbgsym"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "2.0.13-2ubuntu0.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "haproxy-doc"}, {"OS": "Ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "2.0.13-2ubuntu0.2", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "vim-haproxy"}]}